Keyword Search

Authors

Date Range

Categories

Superheroes & Villains: Ethical Hackers Needed

As is often the case in cybersecurity, good news and bad news are closely linked. In my last blog, we discussed the differences between white hat and black hat cybersecurity hackers, the different types of threat actors targeting today’s organizations and their various motivations.

At a time when many organizations are still struggling with the cybersecurity skills shortage, the opportunity exists for white hat, or ethical, hackers to showcase their value to organizations. In this post, we are going to shift the focus to the other side of the coin – the white hats helping to keep information safe and their importance as part of a business’ everchanging security posture.

The need for ethical hackers

There is no shortage of examples of how high the price can be for victims of cyberattacks. The cost of dealing with the SamSam ransomware attack, for example, has already cost the city of Atlanta millions of dollars. Studies have estimated the impact of cybercrime on the global economy to be hundreds of billions of dollars a year. Every day, social engineering, phishing and other attacks are being used in attempts to compromise organizations of all sizes. As the number of Internet-connected devices continues to grow and the attack surface widens for businesses, it is fair to surmise that both the complexity of securing IT environments, and the cost of failing to do so will grow as well.

The best way to see if your organization can stand up to hackers is to attack it. To this end, ethical hackers need to think like their counterparts on the other side of the law and adopt the tactics of their adversaries. This means leveraging everything from recon to social engineering to push your organization’s cyber defenses to their limits. By attempting to poke holes in security, white hat hackers are putting organizations in the position to identify any gaps in their security controls and address them before they are exploited by malicious attackers.

Renewed approach to defense

Over the years, many business and IT leaders have adopted the “assume breach” philosophy – meaning that organizations discuss security controls from the standpoint of assuming that they have been breached by a stealthy attack. This thought process moves security discussions beyond technologies like signature-based detection at the perimeter to more advanced detection and response methodologies focused on identifying threat actors based on their behavior within a compromised environment.

From a white hat’s perspective, this means focusing on testing within the perimeter as much as – if not more – than testing for remotely exploitable vulnerabilities. Understanding lateral movement vulnerabilities and possible avenues for data exfiltration and persistence becomes a more pressing concern.

In general, the arsenals of both groups are the same, as they both typically rely on extensive recon and exploiting known vulnerabilities to compromise systems and applications. While attackers, able to get their hands on zero-days, have an advantage against security defenders, white hats often have the advantage of not having to do reconnaissance on their target environments. A firm that is brought into a company to conduct a penetration test will often be given the topology of the company’s network and applications, while black hats would have to obtain that information surreptitiously.

Becoming an ethical hacker

Still, criminal hackers only have to be successful once, whereas those defending security have to be right every time. This perpetual race between the two groups is not slowing down any time soon. With so much on the line, there is a real opportunity for those interested in ethical hacking to do significant good.

For organizations, hiring and retaining cybersecurity professionals means offering competitive pay. It also means identifying and encouraging cybersecurity personnel interested in understanding the tactics and techniques of attackers in order to improve defense. Given the nature of the job, white hat hackers need the ability to think creatively and problem-solve their way around security defenses.

Supporting employees looking to broaden their skillsets with continued education or security certifications sends the signal that security expertise is valued. A good starting point is the Certified Ethical Hacking (CEH) certification, which can be obtained after a four-hour test. The CEH certification is widely known and demonstrates a general knowledge of security risks, countermeasures and common attacker techniques, like social engineering and conducting reconnaissance. Other certifications include the Offensive Security Certified Professional and the SANS Institute’s GIAC (Global Information Assurance Certification) Penetration Tester (GPEN).

Each of these certifications can bolster the resume of security professionals as they go deeper into their field of focus. Security is a wide world, and anyone interested in being an ethical hacker should look to specialize in a few areas of interest while keeping up to speed on cybersecurity at large.

While the tactics of black hats and white hats are largely the same, the lines between these groups are distinct. If a hacker is willing to follow the law and ethical principles, an ethical hacker can serve as a true force multiplier for today’s enterprises and organizations. As the world becomes more connected, the need to secure the infrastructure that connects us will grow.

Chris Hinkley, OSCP, CISSP | Senior Security Architect

As senior security architect of Armor, Chris Hinkley utilizes a decade of security expertise to design, test and deploy next generation security processes and techniques for the cloud. His work at Armor was instrumental in Armor being one of the first cloud companies globally to achieve PCI DSS compliance. Prior to Armor, Hinkley worked as a Web Developer for TargetScope, an interactive marketing and Web development company. In that role he created everything from website animations to complex and dynamic product configurations using the latest technology and development frameworks. With Armor, Hinkley has held a number of security and technology-related roles, including security engineer, lead engineer and support manager. In those roles he has serviced thousands of FireHost customer servers, including Windows and Linux, and overseen the security of all hosting environments to meet PCI, HIPAA and other compliance guidelines. Hinkley is a sought after speaker and author on cloud, security and open source topics, publishing regular columns in SecurityWeek and other industry magazines. Hinkley is a Certified Information Systems Security Professional (CISSP).

Related Blog Posts

Dec 192018

Smart Life: Don’t Be Dumb with Your Smart Devices

With the holiday season approaching, it’s becoming clearer how much the Internet of Things (IoT) has expanded and how little many people (and companies) are paying attention to smart device security. Learn more.

Geoffrey Pamerleau

Senior Ethical Hacker

Geoffrey Pamerleau joined Armor as a senior ethical hacker bringing 10 years of expertise in IT and cyber security to the Threat Resistance Unit (TRU). Before joining Armor, Geoff was a Computer Network Operator for the NSA, where he was tasked with performing computer network exploitation operations. He served in the United States Air Force with distinction as a Cyberspace Operations Officer. Prior to his commission, Geoff received a Bachelor’s in Computer Science with a focus on Cyberwarfare from the United States Air Force Academy. While there, Geoff was a member of the Academy’s Cyber Warfare Club and competed in National and International information security competitions. Geoff has certifications in incident handling and penetration testing from SANS and Offensive Security. (GCIH, GPEN, and OSCP).

Related Pages

Post Tags

The first two stops on our roadshow are next week! We will be in Dallas on the 26th and Houston on the 28th. Register now to reserve your spot. You won't want to miss it! #compliance #cloud #AWS https://t.co/mzIFnPUAib

More than 80% of SMEs are planning to boost their security budget by 14% over the next year, while 89% say they've enhanced their security staff, appointing roles such as CISO, CSO and VP of infosecurity. Read more in this report by Armor and @451Research. https://t.co/Tcl7i0lLjf

Armor exists to protect. Each employee feels our passion, knows the vision and lives the company values. Diversity is key. Every role is important to Armor’s success. We volunteer our best every day and go to any length to ensure our customers are protected.